archives

forensic methodology

This tag is associated with 13 posts

ICDF2C 2018 – Recap

This article is a recap of some of the main highlights from the ICDF2C conference 2018, which took place in New Orleans, LA, USA from the 10th-12th September. The program began on Monday 10th September with the usual welcome registration. The conference was held at Chateau LeMoyne in New Orleans’ French Quarter: a beautiful hotel complete … Continue reading

Walkthrough: Oxygen Forensic Detective Latest Features

Within Oxygen, you’re able to not only connect one device, but several devices, and image them simultaneously. Oxygen’s extractor runs independently of Oxygen Detective, and that’s what allows you to run several different extractions at the same time, and there is no limit other than what the machine you were using will allow. So again, … Continue reading

Word Forensic Analysis And Compound File Binary Format

by Arman Gungor Microsoft Word forensic analysis is something digital forensic investigators do quite often for document authentication. Because of the great popularity of Microsoft Office, many important business documents such as contracts and memoranda are created using Word. When things go south, some of these documents become key evidence and subject to forensic authentication. My goal … Continue reading

Focused Digital Forensic Methodology

by Haider H. Khaleel Abstract Since the end of the 19th Century until the current time, law enforcement has been facing a rapid increase in computer-related crimes. In the present time, digital forensics has become an important aspect of not only law enforcement investigations, but also; counter-terrorism investigations, civil litigations, and investigating cyber-incidents. Due to … Continue reading

Windows 8: Important Considerations for Computer Forensics and Electronic Discovery

Introduction Documents identified by computer forensic investigations in civil litigation typically require review and analysis by attorneys to determine if the uncovered evidence could support causes of action such as breach of contract, breach of fiduciary duty, misappropriation of trade secrets, tortious interference, or unfair competition.  In addition, bit-for-bit forensic imaging of workstations is also … Continue reading

Retrieving Digital Evidence: Methods, Techniques and Issues

by Yuri Gubanov yug@belkasoft.com Belkasoft Ltd. http://belkasoft.com Abstract This article describes the various types of digital forensic evidence available on users’ PC and laptop computers, and discusses methods of retrieving such evidence. Download article in PDF format Introduction A recent research conducted by Berkeley scientists concluded that up to 93% of all information never leaves the digital domain. This … Continue reading

Mobile Phone Forensic Challenges

Introduction A great number of the mobile phones used worldwide every second require special knowledge and skills from forensic experts.  More often it is not enough to be an experienced expert in computer forensics to understand all the peculiarities and difficulties of the mobile forensics. This article describes technical problems encountered by specialists in mobile … Continue reading

Firefox Cache Format and Extraction

Introduction In the forensic lab where I work, we frequently investigate malware-infected workstations.  As our user population started shifting from Internet Explorer to Firefox, we observed that one of our favorite forensic tools, Kristinn Gudjonsson’s log2timeline, wasn’t able to provide as much data for Firefox as it was for IE.  The missing component was cache … Continue reading

Forensic Imaging of Hard Disk Drives- What we thought we knew

By Todd G. Shipley and Bryan Door (A complete copy of this white paper and its figures and diagrams can be found at http://www.nfdrtc.net). WHAT WE HAVE BEEN TAUGHT Imaging of hard drives has been the main stay of the “Science” part of digital forensics for many years.  It has been articulated by many, including us, … Continue reading

The Enhanced Digital Investigation Process Model

First published September 2005 Venansius Baryamureeba and Florence Tushabe barya@ics.mak.ac.ug, tushabe@ics.mak.ac.ug Institute of Computer Science, Makerere University P.O.Box 7062, Kampala Uganda http://www.makerere.ac.ug/ics May 27, 2004 Abstract Computer crimes are on the rise and unfortunately less than two percent of the reported cases result in conviction. The process (methodology and approach) one adopts in conducting a … Continue reading

Collecting And Preserving Electronic Media

First published May 2005 by Joan E. Feldman, President Computer Forensics Inc. http://www.forensics.com The discovery process in civil litigation has always been a critical and sometimes confusing area for attorneys. Most attorneys have wondered, at one time or another, whether they pursued all leads and uncovered all material that could help them to prevail. It … Continue reading

Computer Forensics – A Business Tool

First published March 2005 by Andy Fox Director Audax Digital Forensics http://www.audaxuk.com March 2005 Computer forensics has become an increasingly important part of IT security. A 2003 survey carried out on 201 companies by the National High Tech Crime Unit (in the UK) showed that computer related crime is costing an estimated GBP195 million nationally … Continue reading

Data Forensics – The smoking gun may be a click away

First published September 2004 By PAUL G. LEWIS Lewis is the founding partner of PG Lewis & Associates of Whitehouse Station, a data forensics firm. http://www.pglewis.com Enquiries to Rob Kleeger, rkleeger@pglewis.com This article is reprinted with permission from the SEPTEMBER 13, 2004 issue of the New Jersey Law Journal. ©2004 ALM Properties, Inc. Further duplication … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,152 other followers